Privilege Escalation Vulnerability in OpenStack Identity by OpenStack
CVE-2014-3476
Currently unrated
Summary
OpenStack Identity (Keystone) prior to specific versions is vulnerable to a privilege escalation flaw due to improper handling of chained delegation. This issue allows remote authenticated users to exploit trust or OAuth tokens with impersonation capabilities, enabling them to create new tokens with elevated roles. Such vulnerabilities can lead to unauthorized access and potential misuse of the OpenStack environment, compromising its integrity and security.
References
Timeline
Vulnerability published
Vulnerability Reserved